socks based proxy tunnelling using SSH

SSH Tunneling

Your Dreamhost account can be used to create a secure tunnel to circumvent firewalls that prevent access to particular websites. This isn’t recommended as a replacement for a VPN or similar service, but if you need the occasional ability to reach sites that would otherwise be unreachable *or* need secure access because you are using an unsecured access point, this might be an appropriate solution for you.

SOCKS is the name of the protocol used. SSH is the name of the software used to create the tunnel. There are a number of GUI options available for Windows, Mac OS X, and *nix, but using SSH usually demands a command-line environment. This article will assume that it is installed and configured appropriately. Practically speaking, this information is not that important. You just need to know the magic incantations.

Note: This is a great temporary solution if you need to view something your ISP has blocked for unknown reasons. It should be considered a temporary solution, as it will definitely use bandwidth on your account. When you are on a shared server, it’s nice not to abuse the system.

Log into your dreamhost account and make sure you have a user set up for shell access.

Install Tunnelier.

In the ‘login’ tab use these settings

Host: your host – i.e. blink.dreamhost.com or my.host.com,

Port: 22

Username: your user name

Initial Method: Password

Password: your password

Check: Store encrypted password in profile.

Under the services tab, set up the proxy option as follows:

In the SOCKS/HTTP Proxy Forwarding area:

Check ‘Enabled’

Listen Interface: 127.0.0.1

Listen Port: 1080

(Leave the rest alone)

Save and name the profile to a folder ‘Tunnelier Profiles’ perhaps in ‘My Documents’.

Install FoxyProxy in firefox and set up a new proxy as follows.

Under proxy details tab check ‘Manual configuration’.

Host or IP Address: 127.0.0.1

Port: 1080

Check: SOCKS Proxy

Select: SOCKS v5

Launch the profile from the desktop and then select the proxy in firefox with FoxyProxy.

Remember to disable FoxyProxy and exit out of Tunnelier when you’re finished.

Mac Instructions

These instructions are for the Mac (or any *nix environment). Windows users can do this via PuTTY.

Setting Up Your Tunnel

1. Open Terminal

The default location for this is in /Applications/Utilities/ but if you can’t find it, you can use Spotlight to look for it (look in the blue search bar in the upper right hand corner).

2. Execute the ssh command

Upon opening Terminal, you should see a prompt that looks something like this:

Avericity:~ avery$

Type in the following:

ssh -D 9999 username@hostname.com

There are several options that you could run along with -D. -D just indicates that we are creating a dynamic port; the subsequent number indicates what port we actually created. Other options that are interesting are:

-C: for compression

-N: to create a non-interactive shell

-vv: to see all the network connections created

So your ssh command could looks as complicated as:

ssh -vv -CND 9999 username@hostname.com

Directing Your Browser

Firefox

In Firefox you can go to your preferences, and under the Advanced settings there is a Network tab. Click on the button labeled: Settings… There, you want to select Manual proxy configuration and under SOCKS Host enter 127.0.0.1 or localhost. For the port, enter 9999 or whatever port that you chose. This should work. I haven’t gotten it to work; I use Safari instead.

Safari

Using Safari requires you to modify your Network preferences. In the Network preference pane, click the Advanced… button at the bottom of the pane. Now click the tab labeled Proxies. There will be a pull-down menu, select Configure Proxies: Manually. Under protocols to configure, make sure the SOCKS protocol is checked. Make sure that your SOCKS Proxy is set to 127.0.0.1 and the port number is set to 9999.